[tor-bugs] #17694 [Tor]: Hash PRNG output before use, so that it's not revealed to the network
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 25 23:33:55 UTC 2015
#17694: Hash PRNG output before use, so that it's not revealed to the network
-----------------------------+--------------------------------
Reporter: teor | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: unspecified
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Sponsor:
-----------------------------+--------------------------------
In a review of prop250, ioerror suggests that we should hash raw random
values before revealing them to the network.
https://lists.torproject.org/pipermail/tor-dev/2015-November/009954.html
This avoids an attack similar to the one that broke Dual EC:
http://projectbullrun.org/dual-ec/ext-rand.html
I have a patch for this, I need to clean it up to merge cleanly on top of
#17686.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17694>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list